Validated 202-450 Preparation Exams 2021

NEW QUESTION 1
Which http_access directive for Squid allows users in the ACL named sales_net to only access the Internet at times specified in the time_acl named sales_time?

• A. http_access deny sales_time sales_net
• B. http_access allow sales_net sales_time
• C. http_access allow sales_net and sales-time
• D. allow http_access sales_net sales_time
• E. http_access sales_net sales_time

Answer: B

NEW QUESTION 2
Which of the following commands can be used to connect and interact with remote TCP network services? (Choose two.)

• A. nettalk
• B. nc
• C. telnet
• D. cat
• E. netmap

Answer: BC

NEW QUESTION 3
Which of the following PAM modules allows the system administrator to use an arbitrary file containing a list of user and group names with restrictions on the system resources available to them?

• A. pam_filter
• B. pam_limits
• C. pam_listfile
• D. pam_unix

Answer: B

NEW QUESTION 4
Which of these tools, without any options, provides the most information when performing DNS queries?

• A. dig
• B. nslookup
• C. host
• D. named-checkconf
• E. named-checkzone

Answer: A

NEW QUESTION 5
When trying to reverse proxy a web server through Nginx, what keyword is missing from the following configuration sample?

• A. remote_proxy
• B. reverse_proxy
• C. proxy_reverse
• D. proxy_pass
• E. forward_to

Answer: D

NEW QUESTION 6
How must Samba be configured such that it can check CIFS passwords against those found in
/etc/passwd and /etc/shadow?

• A. Set the parameters “encrypt passwords = yes” and “password file = /etc/passwd”
• B. Set the parameters “encrypt passwords = yes”, “password file = /etc/passwd” and “password algorithm = crypt”
• C. Delete the smbpasswd file and create a symbolic link to the passwd and shadow file
• D. It is not possible for Samba to use /etc/passwd and /etc/shadow directly
• E. Run smbpasswd to convert /etc/passwd and /etc/shadow to a Samba password file

Answer: D

NEW QUESTION 7
CORRECT TEXT
In order to export /usr and /bin via NFSv4, /exports was created and contains working bind mounts to /usr and /bin. The following lines are added to /etc/exports on the NFC server:

After running
mount-tnfsv4 server://mnt
of an NFC-Client, it is observed that /mnt contains the content of the server’s /usr directory instead of the content of the NFSv4 foot folder.
Which option in /etc/exports has to be changed or removed in order to make the NFSv4 root folder appear when mounting the highest level of the server? (Specify ONLY the option name without any
values or parameters.)

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
mount

NEW QUESTION 8
Which of the following actions synchronizes UNIX passwords with the Samba passwords when the encrypted Samba password is changed using smbpasswd?

• A. There are no actions to accomplish this since is not possible.
• B. Run netvamp regularly, to convert the passwords.
• C. Run winbind –sync, to synchronize the passwords.
• D. Add unix password sync = yes to smb.conf
• E. Add smb unix password = sync to smb.conf

Answer: D

NEW QUESTION 9
Which of the following PAM modules sets and unsets environment variables?

• A. pam_set
• B. pam_shell
• C. pam-vars
• D. pam-env
• E. pam_export

Answer: D

NEW QUESTION 10
Which Apache HTTPD directive enables HTTPS protocol support?

• A. HTTPSEngine on
• B. SSLEngine on
• C. SSLEnable on
• D. HTTPSEnable on
• E. StartTLS on

Answer: B

NEW QUESTION 11
There is a restricted area in a site hosted by Apache HTTPD, which requires users to authenticate against the file /srv/www/security/sitepasswd.
Which command is used to CHANGE the password of existing users, without losing data, when Basic authentication is being used?

• A. htpasswd –c /srv/www/security/sitepasswd user
• B. htpasswd /srv/www/security/sitepasswd user
• C. htpasswd –n /srv/www/security/sitepasswd user
• D. htpasswd –D /srv/www/security/sitepasswd user

Answer: A

NEW QUESTION 12
Which of the following values can be used in the OpenLDAP attribute olcBackend for any object of the class olcBackendConfig to specify a backend? (Choose three.)

• A. xml
• B. bdb
• C. passwd
• D. ldap
• E. text

Answer: BDE

NEW QUESTION 13
CORRECT TEXT
What command creates a SSH key pair? (Specify ONLY the command without any path or parameters)

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
ssh-keygen

NEW QUESTION 14
CORRECT TEXT
Which directive in a Nginx server configuration block defines the TCP ports on which the virtual host will be available, and which protocols it will use? (Specify ONLY the option name without any values.)

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
listen

NEW QUESTION 15
A zone file contains the following lines:

and is included in the BIND configuration using this configuration stanza:

Which problem is contained in this configuration?

• A. The zone statement is the BIND configuration must contain the cross-zone-data yes; statement.
• B. The zone cannon contain records for a name which is outside the zone’s hierarchy.
• C. The $ORIGIN declaration cannot be used in zone files that are included for a specific zone name in the BIND configuration.
• D. An A record cannot contain an IPv4 address because its value is supposed to be a reverse DNS name.
• E. Names of records in a zone file cannot be fully qualified domain name

Answer: C

NEW QUESTION 16
Using its standard configuration, how does fail2ban block offending SSH clients?

• A. By rejecting connections due to its role as a proxy in front of SSHD.
• B. By modifying and adjusting the SSHD configuration.
• C. By creating and maintaining netfilter rules.
• D. By creating null routes that drop any answer packets sent to the client.
• E. By modifying and adjusting the TCP Wrapper configuration for SSH

Answer: B

NEW QUESTION 17
When are Sieve filters usually applied to an email?

• A. When the email is delivered to a mailbox
• B. When the email is relayed by an SMTP server
• C. When the email is received by an SMTP smarthost
• D. When the email is sent to the first server by an MUA
• E. When the email is retrieved by an MUA

Answer: A

NEW QUESTION 18
Which of the following sshd configuration should be set to no in order to fully disable password
based logins? (Choose two.)

• A. PAMAuthentication
• B. ChallengegeResponseAuthentication
• C. PermitPlaintextLogin
• D. UsePasswords
• E. PasswordAuthentication

Answer: BE

NEW QUESTION 19
A BIND server should be upgraded to use TSIG. Which configuration parameters should be added if the server should use the algorithm hmac-md5 and the key skrKc4DoTzi/takIlPi7JZA==?

• A. Option A
• B. Option B
• C. Option C
• D. Option D
• E. Option E

Answer: C

NEW QUESTION 20
Which statements about the Alias and Redirect directives in Apache HTTPD’s configuration file are true? (Choose two.)

• A. Alias can only reference files under DocumentRoot
• B. Redirect works with regular expressions
• C. Redirect is handled on the client side
• D. Alias is handled on the server side
• E. Alias is not a valid configuration directive

Answer: CD

NEW QUESTION 21
Which of the following commands is used to change user passwords in an OpenLDAP directory?

• A. setent
• B. ldpasswd
• C. olppasswd
• D. ldappasswd
• E. ldapchpw

Answer: D

NEW QUESTION 22
If there is no access directive, what is the default setting for OpenLDAP?

• A. Option A
• B. Option B
• C. Option C
• D. Option D

Answer: B

NEW QUESTION 23
For what purpose is TCP/IP stack fingerprinting used by nmap?

• A. It is used to determine the remote operating system.
• B. It is used to filter out responses from specific servers.
• C. It is used to identify duplicate responses from the same remote server.
• D. It is used to masquerade the responses of remote servers.
• E. It is used to uniquely identify servers on the network for forensic

Answer: A

NEW QUESTION 24
......